mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 09:48:58 -04:00
[Security Solution] Detection Engine: Enable remaining Cypress tests and skip flaky Cypress tests (#170540)
## Summary - skips flaky `can bulk open alerts` test on `x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_status.cy.ts` - enables **serverless** for: `x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts` - removes outdated comments ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
This commit is contained in:
parent
c1681c8d49
commit
0063691ad5
3 changed files with 165 additions and 171 deletions
|
@ -38,7 +38,7 @@ import { visit } from '../../../tasks/navigation';
|
|||
import { ALERTS_URL } from '../../../urls/navigation';
|
||||
|
||||
// FLAKY: https://github.com/elastic/kibana/issues/169091
|
||||
describe('Changing alert status', () => {
|
||||
describe.skip('Changing alert status', { tags: ['@ess', '@serverless'] }, () => {
|
||||
before(() => {
|
||||
cy.task('esArchiverLoad', { archiveName: 'auditbeat_big' });
|
||||
});
|
||||
|
|
|
@ -38,7 +38,6 @@ import {
|
|||
previewErrorButtonClick,
|
||||
} from '../../tasks/entity_analytics';
|
||||
|
||||
// TODO: https://github.com/elastic/kibana/issues/161539
|
||||
describe(
|
||||
'Entity analytics management page',
|
||||
{
|
||||
|
|
|
@ -50,179 +50,174 @@ import {
|
|||
createEndpointExceptionListItem,
|
||||
} from '../../../tasks/api_calls/exceptions';
|
||||
|
||||
// TODO: https://github.com/elastic/kibana/issues/161539
|
||||
describe(
|
||||
'Add endpoint exception from rule details',
|
||||
{ tags: ['@ess', '@serverless', '@brokenInServerless'] },
|
||||
() => {
|
||||
const ITEM_NAME = 'Sample Exception List Item';
|
||||
const NEW_ITEM_NAME = 'Exception item-EDITED';
|
||||
const ITEM_FIELD = 'event.code';
|
||||
const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.type';
|
||||
describe('Add endpoint exception from rule details', { tags: ['@ess', '@serverless'] }, () => {
|
||||
const ITEM_NAME = 'Sample Exception List Item';
|
||||
const NEW_ITEM_NAME = 'Exception item-EDITED';
|
||||
const ITEM_FIELD = 'event.code';
|
||||
const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.type';
|
||||
|
||||
beforeEach(() => {
|
||||
deleteExceptionLists();
|
||||
deleteEndpointExceptionList();
|
||||
login();
|
||||
deleteAlertsAndRules();
|
||||
});
|
||||
|
||||
describe('without exception items', () => {
|
||||
beforeEach(() => {
|
||||
deleteExceptionLists();
|
||||
deleteEndpointExceptionList();
|
||||
login();
|
||||
deleteAlertsAndRules();
|
||||
});
|
||||
|
||||
describe('without exception items', () => {
|
||||
beforeEach(() => {
|
||||
createEndpointExceptionList().then((response) => {
|
||||
createRule(
|
||||
getNewRule({
|
||||
query: 'event.code:*',
|
||||
index: ['auditbeat*'],
|
||||
exceptions_list: [
|
||||
{
|
||||
id: response.body.id,
|
||||
list_id: response.body.list_id,
|
||||
type: response.body.type,
|
||||
namespace_type: response.body.namespace_type,
|
||||
},
|
||||
],
|
||||
rule_id: '2',
|
||||
enabled: false,
|
||||
})
|
||||
).then((rule) => visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' }));
|
||||
});
|
||||
});
|
||||
|
||||
it('creates an exception item', () => {
|
||||
// when no exceptions exist, empty component shows with action to add exception
|
||||
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist');
|
||||
|
||||
// open add exception modal
|
||||
openExceptionFlyoutFromEmptyViewerPrompt();
|
||||
|
||||
// submit button is disabled if no paramerters were added
|
||||
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
|
||||
|
||||
// for endpoint exceptions, must specify OS
|
||||
selectOs('windows');
|
||||
|
||||
// add exception item conditions
|
||||
addExceptionConditions({
|
||||
field: 'event.code',
|
||||
operator: 'is',
|
||||
values: ['foo'],
|
||||
});
|
||||
|
||||
// Name is required so want to check that submit is still disabled
|
||||
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
|
||||
|
||||
// add exception item name
|
||||
addExceptionFlyoutItemName(ITEM_NAME);
|
||||
|
||||
// Option to add to rule or add to list should NOT appear
|
||||
cy.get(ADD_TO_RULE_OR_LIST_SECTION).should('not.exist');
|
||||
|
||||
// not testing close alert functionality here, just ensuring that the options appear as expected
|
||||
cy.get(CLOSE_SINGLE_ALERT_CHECKBOX).should('not.exist');
|
||||
cy.get(CLOSE_ALERTS_CHECKBOX).should('exist');
|
||||
|
||||
// submit
|
||||
submitNewExceptionItem();
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
});
|
||||
});
|
||||
|
||||
describe('with exception items', () => {
|
||||
beforeEach(() => {
|
||||
createEndpointExceptionList().then((response) => {
|
||||
createEndpointExceptionListItem({
|
||||
comments: [],
|
||||
description: 'Exception list item',
|
||||
entries: [
|
||||
createEndpointExceptionList().then((response) => {
|
||||
createRule(
|
||||
getNewRule({
|
||||
query: 'event.code:*',
|
||||
index: ['auditbeat*'],
|
||||
exceptions_list: [
|
||||
{
|
||||
field: ITEM_FIELD,
|
||||
operator: 'included',
|
||||
type: 'match',
|
||||
value: 'foo',
|
||||
id: response.body.id,
|
||||
list_id: response.body.list_id,
|
||||
type: response.body.type,
|
||||
namespace_type: response.body.namespace_type,
|
||||
},
|
||||
],
|
||||
name: ITEM_NAME,
|
||||
tags: [],
|
||||
type: 'simple',
|
||||
os_types: ['windows'],
|
||||
});
|
||||
|
||||
createRule(
|
||||
getNewRule({
|
||||
name: 'Rule with exceptions',
|
||||
query: 'event.code:*',
|
||||
index: ['auditbeat*'],
|
||||
exceptions_list: [
|
||||
{
|
||||
id: response.body.id,
|
||||
list_id: response.body.list_id,
|
||||
type: response.body.type,
|
||||
namespace_type: response.body.namespace_type,
|
||||
},
|
||||
],
|
||||
rule_id: '2',
|
||||
enabled: false,
|
||||
})
|
||||
).then((rule) => {
|
||||
visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' });
|
||||
waitForRuleDetailsPageToBeLoaded('Rule with exceptions');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('edits an endpoint exception item', () => {
|
||||
// displays existing exception items
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist');
|
||||
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME);
|
||||
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ` ${ITEM_FIELD}IS foo`);
|
||||
|
||||
// open edit exception modal
|
||||
openEditException();
|
||||
|
||||
// edit exception item name
|
||||
editExceptionFlyoutItemName(NEW_ITEM_NAME);
|
||||
|
||||
// check that the existing item's field is being populated
|
||||
cy.get(EXCEPTION_ITEM_CONTAINER)
|
||||
.eq(0)
|
||||
.find(FIELD_INPUT_PARENT)
|
||||
.eq(0)
|
||||
.should('have.text', ITEM_FIELD);
|
||||
cy.get(VALUES_INPUT).should('have.text', 'foo');
|
||||
|
||||
// edit conditions
|
||||
editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0);
|
||||
|
||||
// submit
|
||||
submitEditedExceptionItem();
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// check that updates stuck
|
||||
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME);
|
||||
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.typeIS foo');
|
||||
});
|
||||
|
||||
it('allows user to search for items', () => {
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// can search for an exception value
|
||||
searchForExceptionItem('foo');
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// displays empty search result view if no matches found
|
||||
searchForExceptionItem('abc');
|
||||
|
||||
// new exception item displays
|
||||
cy.get(NO_EXCEPTIONS_SEARCH_RESULTS_PROMPT).should('exist');
|
||||
rule_id: '2',
|
||||
enabled: false,
|
||||
})
|
||||
).then((rule) => visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' }));
|
||||
});
|
||||
});
|
||||
}
|
||||
);
|
||||
|
||||
it('creates an exception item', () => {
|
||||
// when no exceptions exist, empty component shows with action to add exception
|
||||
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist');
|
||||
|
||||
// open add exception modal
|
||||
openExceptionFlyoutFromEmptyViewerPrompt();
|
||||
|
||||
// submit button is disabled if no paramerters were added
|
||||
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
|
||||
|
||||
// for endpoint exceptions, must specify OS
|
||||
selectOs('windows');
|
||||
|
||||
// add exception item conditions
|
||||
addExceptionConditions({
|
||||
field: 'event.code',
|
||||
operator: 'is',
|
||||
values: ['foo'],
|
||||
});
|
||||
|
||||
// Name is required so want to check that submit is still disabled
|
||||
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
|
||||
|
||||
// add exception item name
|
||||
addExceptionFlyoutItemName(ITEM_NAME);
|
||||
|
||||
// Option to add to rule or add to list should NOT appear
|
||||
cy.get(ADD_TO_RULE_OR_LIST_SECTION).should('not.exist');
|
||||
|
||||
// not testing close alert functionality here, just ensuring that the options appear as expected
|
||||
cy.get(CLOSE_SINGLE_ALERT_CHECKBOX).should('not.exist');
|
||||
cy.get(CLOSE_ALERTS_CHECKBOX).should('exist');
|
||||
|
||||
// submit
|
||||
submitNewExceptionItem();
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
});
|
||||
});
|
||||
|
||||
describe('with exception items', () => {
|
||||
beforeEach(() => {
|
||||
createEndpointExceptionList().then((response) => {
|
||||
createEndpointExceptionListItem({
|
||||
comments: [],
|
||||
description: 'Exception list item',
|
||||
entries: [
|
||||
{
|
||||
field: ITEM_FIELD,
|
||||
operator: 'included',
|
||||
type: 'match',
|
||||
value: 'foo',
|
||||
},
|
||||
],
|
||||
name: ITEM_NAME,
|
||||
tags: [],
|
||||
type: 'simple',
|
||||
os_types: ['windows'],
|
||||
});
|
||||
|
||||
createRule(
|
||||
getNewRule({
|
||||
name: 'Rule with exceptions',
|
||||
query: 'event.code:*',
|
||||
index: ['auditbeat*'],
|
||||
exceptions_list: [
|
||||
{
|
||||
id: response.body.id,
|
||||
list_id: response.body.list_id,
|
||||
type: response.body.type,
|
||||
namespace_type: response.body.namespace_type,
|
||||
},
|
||||
],
|
||||
rule_id: '2',
|
||||
enabled: false,
|
||||
})
|
||||
).then((rule) => {
|
||||
visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' });
|
||||
waitForRuleDetailsPageToBeLoaded('Rule with exceptions');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('edits an endpoint exception item', () => {
|
||||
// displays existing exception items
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist');
|
||||
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME);
|
||||
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ` ${ITEM_FIELD}IS foo`);
|
||||
|
||||
// open edit exception modal
|
||||
openEditException();
|
||||
|
||||
// edit exception item name
|
||||
editExceptionFlyoutItemName(NEW_ITEM_NAME);
|
||||
|
||||
// check that the existing item's field is being populated
|
||||
cy.get(EXCEPTION_ITEM_CONTAINER)
|
||||
.eq(0)
|
||||
.find(FIELD_INPUT_PARENT)
|
||||
.eq(0)
|
||||
.should('have.text', ITEM_FIELD);
|
||||
cy.get(VALUES_INPUT).should('have.text', 'foo');
|
||||
|
||||
// edit conditions
|
||||
editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0);
|
||||
|
||||
// submit
|
||||
submitEditedExceptionItem();
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// check that updates stuck
|
||||
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME);
|
||||
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.typeIS foo');
|
||||
});
|
||||
|
||||
it('allows user to search for items', () => {
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// can search for an exception value
|
||||
searchForExceptionItem('foo');
|
||||
|
||||
// new exception item displays
|
||||
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
|
||||
|
||||
// displays empty search result view if no matches found
|
||||
searchForExceptionItem('abc');
|
||||
|
||||
// new exception item displays
|
||||
cy.get(NO_EXCEPTIONS_SEARCH_RESULTS_PROMPT).should('exist');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue